package com.ai.sml.interceptor;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.ai.frame.logger.Logger;
import com.ai.frame.logger.LoggerFactory;

/**
 * 自定义Realm 用于用户认证与授权
 *
 */
public class UserRealm extends AuthorizingRealm {
	private static final Logger logger = LoggerFactory.getActionLog(UserRealm.class);

	@Override
	public void setName(String name) {
		// TODO Auto-generated method stub
		super.setName("UserRealm");
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		UsernamePasswordToken upToken = (UsernamePasswordToken) token;
		String principal = upToken.getUsername();
		String password = new String(upToken.getPassword());
		
		//在数据库获取的密码
		String credentials = password;
		
		
		return new SimpleAuthenticationInfo(principal, credentials, getName());
	}
	
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

		String account = (String)principals.getPrimaryPrincipal();
	System.out.println(account);	
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		Collection<String> permissions = new ArrayList<String>();
		//db quanxian
		permissions.add("selfcenter");
		info.addStringPermissions(permissions);
		return info;
	}



}
